homeserver-ansible/run.yml

---
- hosts: sv
  become: yes

  gather_facts: no

  pre_tasks:
    - import_tasks: tasks/set_host.yml
      tags:
        - host
    - import_tasks: tasks/ssh_port.yml
      tags:
        - port
    - import_tasks: tasks/bootstrap.yml
      tags:
        - bootstrap

  roles:
    - role: system
      tags:
        - system
    
    - role: aur
      tags:
        - aur
      when: enable_aur

    - role: filesystems
      tags:
        - filesystems
      when: enable_filesystems

    - role: backup
      tags:
        - backup
      when: enable_backup

    - role: networking/connection
      tags:
        - connection
      when: enable_connection

    - role: firewall
      tags:
        - firewall
      when: enable_firewall

    - role: networking/ddclient
      tags:
        - ddclient
      when: enable_ddclient

    - role: networking/nameserver
      tags:
        - nameserver
      when: enable_nameserver

    - role: services/mail
      tags:
        - mail
      when: enable_mail

    - role: services/syncthing
      tags:
        - syncthing
      when: enable_syncthing

    # Main SSL certificate (with Let's Encrypt)
    - role: networking/ssl
      tags:
        - ssl
      acme_dir: "https://acme-v02.api.letsencrypt.org/directory"
      cert_name: "{{ domain }}"
      ssl_domains:
        - "{{ server_blocks.wiki.domain }}"
        - "{{ server_blocks.synapse.domain }}"
        - "{{ server_blocks.website.domain }}"
        - "{{ server_blocks.gitea.domain }}"
        - "{{ server_blocks.navidrome.domain }}"
      account_name: "letsencrypt"
      when: enable_ssl

    # SSL cert for dyndns_domain
    - role: networking/ssl
      tags:
        - ssl
      acme_dir: "https://acme-v02.api.letsencrypt.org/directory"
      ssl_domains:
        - "{{ dyndns_domain }}"
      account_name: "letsencrypt"
      when: enable_ssl and dyndns_domain != domain

    # ZeroSSL certificate for Coturn (see https://bugs.chromium.org/p/webrtc/issues/detail?id=11710)
    - role: networking/ssl
      tags:
        - ssl
      acme_dir: "https://acme.zerossl.com/v2/DV90"
      ssl_domains:
        - "{{ service_info.coturn.domain }}"
      acme_eab: {
        alg: HS256,
        key: "{{ zerossl_acme_eab_key }}",
        kid: "{{ zerossl_acme_eab_kid }}"
      }
      acme_email: "{{ zerossl_email }}"
      account_name: "zerossl"
      when: enable_ssl and enable_coturn

    - role: services/webserver
      tags:
        - webserver
      when: enable_webserver

    - role: services/gitea
      tags:
        - gitea
      when: enable_gitea

    - role: services/wiki
      tags:
        - wiki
      when: enable_wiki

    - role: services/navidrome
      tags:
        - navidrome
      when: enable_navidrome

    - role: services/coturn
      tags:
        - coturn
      when: enable_coturn

    - role: services/synapse
      tags:
        - synapse
      when: enable_synapse

    - role: services/website
      tags:
        - website
      when: enable_website

    - role: dotfiles
      tags:
        - dotfiles
      when: enable_dotfiles
Initial file upload 2022-02-27 16:05:34 -05:00			`---`
Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`- hosts: sv`
Initial file upload 2022-02-27 16:05:34 -05:00			`become: yes`

Make process generally smoother 2022-03-02 19:58:31 -05:00			`gather_facts: no`
Reorganise file structure into roles 2022-03-01 17:43:44 -05:00
Make process generally smoother 2022-03-02 19:58:31 -05:00			`pre_tasks:`
			`- import_tasks: tasks/set_host.yml`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- host`
Make process generally smoother 2022-03-02 19:58:31 -05:00			`- import_tasks: tasks/ssh_port.yml`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- port`
Bootstrap Python onto the system 2022-03-04 07:30:52 -05:00			`- import_tasks: tasks/bootstrap.yml`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- bootstrap`
Reorganise file structure into roles 2022-03-01 17:43:44 -05:00
Make process generally smoother 2022-03-02 19:58:31 -05:00			`roles:`
			`- role: system`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- system`
Make process generally smoother 2022-03-02 19:58:31 -05:00
Add AUR role 2022-04-27 17:32:11 -04:00			`- role: aur`
			`tags:`
			`- aur`
			`when: enable_aur`

Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`- role: filesystems`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- filesystems`
Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`when: enable_filesystems`

Add backup script 2022-05-14 21:37:06 -04:00			`- role: backup`
			`tags:`
			`- backup`
			`when: enable_backup`

Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`- role: networking/connection`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- connection`
Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`when: enable_connection`

Make process generally smoother 2022-03-02 19:58:31 -05:00			`- role: firewall`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- firewall`
Make process generally smoother 2022-03-02 19:58:31 -05:00			`when: enable_firewall`

Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`- role: networking/ddclient`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- ddclient`
Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`when: enable_ddclient`

			`- role: networking/nameserver`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- nameserver`
Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`when: enable_nameserver`

Make process generally smoother 2022-03-02 19:58:31 -05:00			`- role: services/mail`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- mail`
Make process generally smoother 2022-03-02 19:58:31 -05:00			`when: enable_mail`

syncthing: added role 2022-12-25 21:00:16 -05:00			`- role: services/syncthing`
			`tags:`
			`- syncthing`
			`when: enable_syncthing`

ssl, nginx: flexibility and modularity improvements 2022-06-05 13:20:53 -04:00			`# Main SSL certificate (with Let's Encrypt)`
Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`- role: networking/ssl`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- ssl`
ssl, nginx: flexibility and modularity improvements 2022-06-05 13:20:53 -04:00			`acme_dir: "https://acme-v02.api.letsencrypt.org/directory"`
			`cert_name: "{{ domain }}"`
			`ssl_domains:`
			`- "{{ server_blocks.wiki.domain }}"`
			`- "{{ server_blocks.synapse.domain }}"`
			`- "{{ server_blocks.website.domain }}"`
			`- "{{ server_blocks.gitea.domain }}"`
			`- "{{ server_blocks.navidrome.domain }}"`
			`account_name: "letsencrypt"`
Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`when: enable_ssl`

ssl, nginx: flexibility and modularity improvements 2022-06-05 13:20:53 -04:00			`# SSL cert for dyndns_domain`
			`- role: networking/ssl`
			`tags:`
			`- ssl`
			`acme_dir: "https://acme-v02.api.letsencrypt.org/directory"`
			`ssl_domains:`
			`- "{{ dyndns_domain }}"`
			`account_name: "letsencrypt"`
			`when: enable_ssl and dyndns_domain != domain`

			`# ZeroSSL certificate for Coturn (see https://bugs.chromium.org/p/webrtc/issues/detail?id=11710)`
			`- role: networking/ssl`
			`tags:`
			`- ssl`
			`acme_dir: "https://acme.zerossl.com/v2/DV90"`
			`ssl_domains:`
			`- "{{ service_info.coturn.domain }}"`
			`acme_eab: {`
			`alg: HS256,`
			`key: "{{ zerossl_acme_eab_key }}",`
			`kid: "{{ zerossl_acme_eab_kid }}"`
			`}`
			`acme_email: "{{ zerossl_email }}"`
			`account_name: "zerossl"`
			`when: enable_ssl and enable_coturn`

Make process generally smoother 2022-03-02 19:58:31 -05:00			`- role: services/webserver`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- webserver`
Make process generally smoother 2022-03-02 19:58:31 -05:00			`when: enable_webserver`

Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`- role: services/gitea`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- gitea`
Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`when: enable_gitea`

			`- role: services/wiki`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- wiki`
Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`when: enable_wiki`

Add AUR role 2022-04-27 17:32:11 -04:00			`- role: services/navidrome`
			`tags:`
			`- navidrome`
			`when: enable_navidrome`

Add coturn role 2022-05-22 20:47:58 -04:00			`- role: services/coturn`
			`tags:`
			`- coturn`
			`when: enable_coturn`

Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`- role: services/synapse`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- synapse`
Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`when: enable_synapse`

			`- role: services/website`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- website`
Reorganise file structure into roles 2022-03-01 17:43:44 -05:00			`when: enable_website`

Make process generally smoother 2022-03-02 19:58:31 -05:00			`- role: dotfiles`
Add tags to playbook 2022-03-19 14:54:24 -04:00			`tags:`
			`- dotfiles`
Make process generally smoother 2022-03-02 19:58:31 -05:00			`when: enable_dotfiles`